96 per cent of UK businesses don't feel prepared for a cyber-attack, according to a new study by Ernst and Young (EY). That leaves a paltry 4 per cent of UK businesses who feel confident in their operational security.
Budget constraints (69 per cent) and lack of skilled staff (66 per cent) emerged as the greatest barriers to sufficient security infrastructure being put in place.
Mark Brown, EY's director of information security at EY, said, "This year's results show that while businesses are faced with a rising number of security breaches, budget constraints and talent shortages mean that they fail to put in place those systems that match their needs."
The survey encompassed 1,900 senior executives from around the world, with 66 per cent of those in the UK reporting that the number of security incidents in their organisation has grown by at least 5 per cent over the past 12 months.
Despite this, only a quarter of UK respondents were planning on increasing their company's security budget by more than 5 per cent in the coming year.
The problem isn't always financial, though. As much as 50 per cent of respondents cited a lack of skilled resources as a barrier to value creation.
Brown agreed that a significant barrier to advancement in companies' security capabilities is Britain's dearth of talent in IT security.
"A lack of skilled talent is a global issue," he said, but "it is particularly acute in the UK, where government and companies are fiercely competing to recruit the brightest talent to their teams from a very small pool. As a result, while organisations feel they are addressing the right priorities, many indicate that they do not have the skilled resources to support their needs."
It's important to stay ahead of emerging threats, he added.
"Not considering risks until they arise gives cyber attackers the advantage, jeopardising an organisation's survival."
Image: Ernst & Young; Flickr (Lateralus_NC)